Cloud Native at AWS – Adrian Cockcroft, Amazon Web Services

In this video

About Adrian Cockcroft

Adrian Cockcroft, the keynote speaker at CloudNativeCon, is the Vice President of Cloud Architecture Strategy at Amazon Web Services (AWS). Cockcroft has had a distinguished career as a software developer and cloud architect spanning Sun Microsystems, eBay, Netflix, and now Amazon. In the talk, he covers multiple areas of Cloud Native philosophy in the context of AWS services.

Key Talking Points

The talk discusses the following topics:

Cloud Native Principles

In a cloud native implementation, businesses pay as they go. They don’t have to invest in large infrastructures. They can simply pay for the used resources after the fact. Also, there is no need to wait for third-party setups. Developers can follow a self-service model.

Clouds give businesses access to high-availability services across the globe, and teams can reach high utilization of resources by turning off unused components.

Cloud native’s immutable code deployment practices mean there is no need to save the machines or containers. Teams can discard unused resources and fire up new ones as necessary.

AWS Open Source Initiative and CNI Integration

Amazon is proactively working with the Cloud Native Computing Foundation (CNCF) to integrate components with AWS ECS for the container network interface (CNI). AWS native VPC networking will work with the CNI plugin. This means CNIs can operate at the same networking efficiency that AWS instances enjoy with each other.

Fargate Container Provisioning

To run containers, developers have to set up AMIs, daemons, and IAMs. AWS Fargate allows developers to run containers without having to manage servers and clusters.

Kubernetes as a Service

Amazon is also concentrating on Kubernetes integration with AWS installers, IAM security, EKS, etc. Around 63% of all Kubernetes workloads run on AWS. Amazon is investing resources to ensure that Kubernetes users get a better experience.

An important component of the Kubernetes implementation on AWS is keeping it open source. AWS is not using a forked version of the platform. It is working with the community to reach consensus on any new feature or update.

However, Amazon is trying to ensure seamless Kubernetes integration with AWS features. Here are a few key integrations:

  • IAM Authentication with Kubernetes: AWS is working with Heptio to create an open source project to integrate Kubernetes access and AWS IAM authentication.
  • IAM Roles for Pods: The kube2iam open source project handles another part of Kubernetes management. Instead of sharing IAM credentials, containers inside Kubernetes clusters get their own IAM credentials based on annotations. AWS is also working on integration with both HashiCorp Vault and Secure Production Identity Framework for Everyone (SPIFFE).
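
As an added illustration of the annotation model described above (not code from the talk or from the kube2iam project): a small Python audit over parsed manifests that flags workloads with no kube2iam role annotation or with a role outside their namespace's allow-list. The two annotation keys are kube2iam's; the manifests, role names and the exact-match comparison are assumptions made for this example.

```python
import json

ROLE_KEY = "iam.amazonaws.com/role"              # kube2iam pod annotation
ALLOWED_KEY = "iam.amazonaws.com/allowed-roles"  # kube2iam namespace annotation (JSON list)

# Constructed sample manifests (hypothetical names), already parsed into dicts.
SAMPLE = [
    {"kind": "Namespace", "metadata": {"name": "payments",
        "annotations": {ALLOWED_KEY: '["payments-reader"]'}}},
    {"kind": "Pod", "metadata": {"name": "api", "namespace": "payments",
        "annotations": {ROLE_KEY: "payments-reader"}}},
    {"kind": "Deployment", "metadata": {"name": "worker", "namespace": "payments"},
     "spec": {"template": {"metadata": {"annotations": {ROLE_KEY: "cluster-admin-role"}}}}},
    {"kind": "Pod", "metadata": {"name": "legacy", "namespace": "payments"}},
]

def pod_annotations(obj):
    """Annotations that land on the pod: direct for a Pod, via the template otherwise."""
    meta = obj.get("metadata", {})
    if obj.get("kind") != "Pod":
        meta = obj.get("spec", {}).get("template", {}).get("metadata", {})
    return meta.get("annotations") or {}

def audit(objects):
    """Return (namespace, name, finding) for each workload that needs review."""
    allowed = {}
    for o in objects:
        if o.get("kind") == "Namespace":
            raw = (o["metadata"].get("annotations") or {}).get(ALLOWED_KEY, "[]")
            allowed[o["metadata"]["name"]] = set(json.loads(raw))
    findings = []
    for o in objects:
        if o.get("kind") == "Namespace":
            continue
        ns = o["metadata"].get("namespace", "default")
        role = pod_annotations(o).get(ROLE_KEY)
        if not role:
            findings.append((ns, o["metadata"]["name"], "no role annotation"))
        elif role not in allowed.get(ns, set()):  # exact match: a simplification
            findings.append((ns, o["metadata"]["name"],
                             f"role {role!r} not in namespace allow-list"))
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(*finding, sep=": ")
```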

Amazon has taken all the lessons and features from its work with Kubernetes customers and created Amazon Elastic Container Service for Kubernetes (Amazon EKS). It is a fully managed service that will use the open source version of the system to run Kubernetes clusters. Customers won't have to worry about installing and operating the Kubernetes master or configuring a cluster of workers.

Amazon EKS is still under development. It is being built on the following tenets:

  • Intended for enterprises to run production-grade workloads.
  • Provide a native and upstream Kubernetes experience.
  • Make the integration seamless and eliminate extra work.
  • Actively contribute to the Kubernetes project.

Currently, Amazon is working to get EKS released in 2018. Amazon Fargate integration with EKS will take place later.

